On Thu, Nov 4, 2010 at 9:15 AM, anatoly techtonik <[email protected]> wrote: > pickle is insecure, marshal too.
What's the attack you're thinking of on marshal? It never executes any code while unmarshalling (although it can unmarshal code objects -- but the receiving program has to do something additionally to execute those). > What about JSON? IIUC you need a > definition of a class to be able to unserialize it in all cases. I > wonder how is this definition validated, i.e. what to watch for when > modifying classes that can be serialized. Security is all in the code used to deserialize. I haven't analyzed the json library that comes in the stdlib these days, but couldn't it in theory be as safe as XML? (Not that there haven't been any attacks on XML -- but they depended on bugs in the unmarshalling code, the format itself is not insecure.) -- --Guido van Rossum (python.org/~guido) _______________________________________________ Python-Dev mailing list [email protected] http://mail.python.org/mailman/listinfo/python-dev Unsubscribe: http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
